On Fri, 23 Nov 2007 22:46:12 +0000, Roy Schestowitz wrote:
> Expert scares world with VoIP hacking proof
>
> ,----[ Quote ]
>| An expert has released a proof-of-concept program to show how easy it would
>| be for criminals to eavesdrop on the VoIP-based phone calls of any company
>| using the technology.
> `----
>
> http://www.techworld.com/security/news/index.cfm?newsid=10736
Yeah, and IM's are cleartext, telnet and ftp are as well. It's not news to
anyone that knows anything about VOIP that it can be tapped easily, in fact
there are entire products (both commercial and open source) dedicated to
it.
> Related:
>
> Beware of Skype
>
> ,----[ Quote ]
>| The Skype network has been a concern of government intelligence agencies
>| since its inception because it provides a worldwide network of encrypted VoIP
>| calls to potential “terrorists”. So how coincidental is it that 10 days after
>| Bush signs into law a Bill giving the government authority to track foreign
>| calls that go through U.S. networks that Skype, for the first time in its
>| existence, undergoes a massive worldwide outage?
>|
>| [...]
>|
>| But there are FOSS alternatives to Skype people really should start
>| considering now. One is the OpenWengo Project. Businesses, and even
>| individuals, should also consider setting up their own Asterisk servers with
>| encryption.
> `----
>
> http://www.freesoftwaremagazine.com/node/2479
Vague speculation and scare mongering really. Not to mention that his
"advice" is useless, since Asterisk only offers encryption via IAX2 and
even then it's buried and considered "experimental". Further, there are no
VOIP service providers (other than one european one) that offers SRTP or
other encrypted VOIP.
It's sad, really.